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DETAILED ACTION 
Response to Amendment 

1. Applicants arguments with respect to amended claims 1, 12, 19, 24, and 26, previously 
canceled claims claim 14 and 23, and presently pending claims 1-13, 15-22, and 24-26 have been 
considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claims 1-13, 15-22, and 24-06 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Cunningham et al. Pub. No.: US 2005/0086295 Al. 

Regarding claims 1 and 26, Cunningham et al. teaches a method/system for providing security 
(fig. 2 element 21) to a client computing system (fig. 2 element 1 1) in communication with a 
host communication system across a network (fig. 2 element 31), said method comprising: 

executing a browser on the client computing system (0022; client web browser is 
executed); 

communicating, from the client to the host computing system, a request to download data 
to be displayed in the browser (0027-0028, 0035 and 0031); 



Application/Control Number: 09/971 ,71 7 Page 3 

Art Unit: 2136 

downloading the data from the host computing system to the client computing system via 
a client side firewall in response to the download request (fig. 4; downloading real-time data to 
client computing system via client firewall as shown on Jig. 2 element 21, from the server based 
on client request)', 

loading an interactive software application in the browser, the interactive software 
application utilizing the data downloaded from the host computing system (claim 1, 0029, and 
0032; asynchronous hypertext messages encoded in said HTML document); 

executing the interactive software application in the browser on the client computing 
system, the interactive software application being in communication with at least one element on 
the client side behind the client side firewall (0051-0052; the hypertext message in HTML 
document sent from server to client is executed/displayed on the client computing system in 
communication with the client system); 

wherein the at least one element is outside the browser operating on the client computing 
system and includes a component of an underlying architecture of the client computing system 
(0010-0013; the application received and displayed is in communication with the client 
underlying architecture system); and 

wherein the communication between the interactive software application and the at least 
one element does not pass through the client side firewall (0003 and 0032-0033; the well-known 
blocking certain ports technique on the system of firewall security ... example: IRC port not 
being communicating with client underlying architecture, for instant messages); 
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Regarding claim 12, Cunningham et al. discloses a system for providing security to a client 
computing system operating a browser in communication with an interactive software 
application maintained by a host computing system (figs. 2-5), said system comprising: 

at least one processor in the client computing system operable to generate and 
communicate a request to download the interactive software application from the host computing 
system to the client computing system (0027-0028, and 0031); 

a memory operating in the client computing system to store the interactive software 
application downloaded in response to the download request, said at least one processor 
executing the stored interactive software application inside the browser on the client computing 
system, the executed interactive software application and the browser being in communication 
with at least one element (fig. 4; downloading real-time data to client computing system memory 
storage via client firewall as shown on fig, 2 element 21, from the server based on client 
request); 

wherein the at least one element is outside the browser operating on the client computing 
system and includes a component of an underlying architecture of the client computing system 
(0010-0013; the application received and displayed is in communication with the client 
underlying architecture system); and 

wherein the communication between the interactive software application and the at least 
one element does not pass through the client side firewall (0003 and 0032-0033; the well-known 
blocking certain ports technique on the system of firewall security ... example: IRC port not 
being communicating with client underlying architecture, for instant messages); 
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Regarding claim 19, Cunningham et al. discloses a method for providing security to a client 
computing system operating an interactive software application (figs. 2-5), said method 
comprising: 

loading the interactive software application on the client computing system (fig. 4; 
downloading real-time data to client computing system via client firewall as shown on fig. 2 
element 21, from the server based on client request); 

executing the interactive software application on the client computing system (0051- 
0052; the hypertext message in HTML document sent from server to client is executed/displayed 
on the client computing system in communication with the client system); 

communicating a digital signature to the browser (0034, 0038, 0058 TABLE 1, and 0065; 
signature/certificate authentication); 

verifying digital signature (0034, 0038, 0058 TABLE 1, and 0065; signature/certificate 
authentication and verification); 

upon confirmation of the digital signature, opening a port of the browser for receiving 
data from at least one element (fig. 4 element S8-S9 and 0034-0052; authenticating based on 
signature and opening port to provide data); 

communicating data between the at least one element and the browser on the client 
computing system (0051-0052; the hypertext message in HTML document sent from server to 
client is executed/displayed on the client computing system in communication with the client 
system); 

wherein the at least one element is outside the browser operating on the client computing 
system and includes a component of an underlying architecture of the client computing system 
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(0010-0013; the application received and displayed is in communication with the client 
underlying architecture system); and 

wherein the communication between the interactive software application and the at least 
one element does not pass through the client side firewall (0003 and 0032-0033; the well-known 
blocking certain ports technique on the system of firewall security ... example: IRC port not 
being communicating with client underlying architecture, for instant messages); 

Regarding claims 2 and 13, Cunningham et al. discloses the method/system wherein the 
communication includes issuing and receiving events (claim 1). 

Regarding claims 3 and 14, Cunningham et al. discloses the method/system wherein the at least 
one element includes at least one of a browser and an element of an underlying architecture 
(0035-0052). 

Regarding claims 4 and 15, Cunningham et al. discloses the method/system wherein the 
interactive software application is an applet (claim 5 and 0064); 

Regarding claim 5 Cunningham et al. discloses the method/system wherein the applet is Java 
applet (claim 5 and 0064); 
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Regarding claims 6, 16 and 22, Cunningham et al. discloses the method/system wherein the 
communication commences after verification of a digital signature (0034, 0038, 0058 TABLE 1, 
and 0065); 

Regarding claim 7, Cunningham et al. discloses the method/system further comprising: 
reading a digital signature (0034, 0038, 0058 TABLE 1, and 0065; reading it to 
authenticate); 

verifying the digital signature (0034, 0038, 0058 TABLE 1, and 0065; 
certificate/signature authentication); and 

opening a port of the browser to receive events from the at least one element (fig. 4 
element S8-S9 and 0034-0052; authenticating based on signature and opening port to provide 
data). 

Regarding claims 8 and 17, Cunningham et al. discloses the method/system wherein the data 
includes a model representative of an underlying architecture of a software system (0030, and 
0028). 

Regarding claim 10, Cunningham et al. discloses the method/system wherein the data includes 
content and format information (0035-0052). 

Regarding claims 11,18 and 25, Cunningham et al. discloses the method/system wherein the 
browser is a web browser (claim 22 and fig. 2 element 51). 
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Regarding claim 20, Cunningham et al. discloses the method/system wherein the data includes at 
least one of events and requests (0058 TABLE 1). 

Regarding claim 21, Cunningham et al. discloses the method/system wherein the events and 
requests utilize the HTTP protocol (claim 31). 

Regarding claim 24, Cunningham et al. discloses the method/system wherein the at least one 
element operates on the client side of the client firewall (0024). 

Conclusion 

4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A. Shiferaw whose telephone number is 571-272-3867. 
The examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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